SIGMA key exchange protocol

E831957

The SIGMA key exchange protocol is a cryptographic protocol designed to provide secure authenticated key exchange with strong security guarantees. It has been widely used as the basis for protocols such as IKE in IPsec.


All labels observed (1)

Label Occurrences
SIGMA key exchange protocol canonical 1

Statements (48)

Predicate Object
instanceOf authenticated key exchange protocol
cryptographic key exchange protocol
security protocol
addressesWeaknessOf naive signed Diffie–Hellman
considered a de facto standard design for authenticated Diffie–Hellman protocols
designedFor authenticated key exchange
key establishment
mutual authentication
developedInField applied cryptography
hasAcronym SIGMA
hasDesignFeature identity protection
protection of identities under passive eavesdropping
separation of authentication and key confirmation
sign-then-MAC structure
support for certificate-based authentication
support for public-key signatures
hasFullName SIGn-and-MAc key exchange protocol
hasMessageFlow two-pass Diffie–Hellman exchange with authenticated payloads
hasProperty binds session keys to authenticated identities
binds session keys to protocol transcript
supports mutual authentication in standard variants
supports negotiation of cryptographic algorithms
supports unilateral authentication in some variants
hasSecurityGoal key indistinguishability
resistance to reflection attacks
resistance to replay attacks
strong security under active attacks
hasSecurityModel provable security in the Bellare–Rogaway style model
hasVariant SIGMA with identity protection
SIGMA-I
SIGMA-R
improvesOn Station-to-Station (STS) protocol
inspired Internet Key Exchange (IKE)
providesProperty explicit entity authentication
forward secrecy
resistance to identity misbinding
resistance to key-compromise impersonation
resistance to man-in-the-middle attacks
relatedTo Station-to-Station (STS) protocol
usedAsBasisFor Internet Key Exchange version 1 (IKEv1)
Internet Key Exchange version 2 (IKEv2)
usedInContext IPsec
secure channel establishment
virtual private networks
usesPrimitive Diffie–Hellman key exchange
cryptographic hash functions
digital signatures
message authentication codes

Referenced by (1)

Full triples — surface form annotated when it differs from this entity's canonical label.

Hugo Krawczyk knownFor SIGMA key exchange protocol